Hey hey, if you like to test something new like update on prod that is exactly for you my seety geek :)))))))) If you thought the Windows 11 24H2 upgrade was just another boring patch Tuesday — think again. After the upgrade, users happily log in with their PIN… until the dreaded message appears: “PIN…
Tag: Cybersecurity
Microsoft Security Exposure Management: Ninja Training — No Magic, Just Painful Truths
Hi for All of you IT geeks and Security Gents! If you thought this was another shiny Microsoft hype circus — spoiler: it’s not.MSEM Ninja Training won’t turn you into some Hollywood hacker-Ninja in a hoodie. What it will do is drag you through the joyless swamp of Continuous Threat Exposure Management (CTEM) until you…
Microsoft Sentinel: Now Smarter, Meaner, and Autogenerating Paranoia
July 2025 Updates — Welcome to the age of Copilot-driven SOC mayhem Another month, another round of Microsoft Sentinel updates. But this time, it’s not just “new features” — it’s Copilot on caffeine, automation on steroids, and behavior analytics that feel more like digital surveillance than SIEM. 🔥 What’s new in July? 🧠 Incident Enrichment…
Windows is dead, but still breathing cash
The new Extended Security Updates (ESU) 2025 Microsoft just launched a new necromancy-as-a-service program.Officially, Windows 10 dies on October 14, 2025. But with ESU, it can limp along till 2028 — a solid business decision if you’re not quite ready to bury your operating system. 💀 Is Windows 10 really dying? Yep. After Oct 14,…
GDPR: Not Just a Regulation — Your Digital Trust Architecture in the EU
Why every European company must treat GDPR not as a checkbox, but as a strategic pillar “Compliance is not a project. It’s a posture.”— Chief Privacy Officer, leading European fintech firm 🧩 What is GDPR — beyond the basics The General Data Protection Regulation (GDPR) is Regulation (EU) 2016/679 of the European Parliament and Council,…
DPAPI: The Granddaddy of Windows Crypto (and your secrets)
Hey hey, so, n0w lets talk about DPAPI DPAPI is ‘Data Protection API’ is Windows’ native system for encrypting stuff like saved credentials, cookies, Wi-Fi passwords, and personal certs. Introduced in Windows 2000, it’s the ancient beast that still powers a terrifying amount of “secure storage” in modern Windows. 🧠 Under the Hood Based on…
Break the Chain: Why FIDO2 Is Killing Passwords for Good
Hey, let’s be honest: passwords are over. SMS‑codes, pushpopups, totp tokens, great in theory, weak in real‑life fights. bad guys surf that weakness like it’s a goldmine. phishing got too smart, MFA fatigue is real, and attackers no longer brute-force, they social-engineer the hell out of u. that’s where FIDO2 crashes in like a hero,…
Your Certificate Authority might betray u, like… for real :)))
aka: how to stop trusting blindly and lock down ur Microsoft ca before it ruins ur life What’s the big deal, why care about some “ca”? So CA is a topic a spicy one. like, most people don’t even think about certificate authority. it’s just “one of those servers in the corner” that got set…
Scheduled Password Changes Are an Outdated Practice
Hi for All and have a nice time, so today we are talking about passwords (ready?) Let’s think! • In most IT systems and various companies, mandatory periodic password changes are a common rule. At my company, passwords must be changed every three months. Do you think this approach is correct? After all, this practice…
OWASP Top 10 NHIs Risks 2025
1. Improper Offboarding When NHIs (Non-Human Identities) like service accounts, API keys, and machine credentials are not properly offboarded, they can become a security risk. This includes failing to deactivate old or deprecated secrets, leading to “zombie NHIs” that attackers can exploit. Automating the NHIs lifecycle ensures stale secrets are discovered and revoked, reducing attack…